public IActionResult Add(int pid, string caname) { caname = Tool.GetSafeSQL(caname); string pnum = "0"; if (pid != 0) { Category pca = dal.GetModel(pid); if (pca != null) { if (pca.ParNum != "0") { return(Json(new { status = "n", info = "Can only have 2 tier of category!" })); } pnum = pca.Num; if (dal.CalcCount($"parnum='{pca.Num}' and caname='{caname}'") > 0) { return(Json(new { status = "n", info = "Cannot have same name with other category!" })); } } } else { if (dal.CalcCount($"parnum='0' and caname='{caname}'") > 0) { return(Json(new { status = "n", info = "Cannot have same name with other category!" })); } } string num = dal.GenBH(pnum, 2); dal.Insert(new Model.Category() { CaName = caname, ParNum = pnum, Num = num, }); return(Json(new { status = "y", info = "Create new Category success!" })); }